Lucene search
+L

6 matches found

RedhatCVE
RedhatCVE
added 2025/05/23 3:20 a.m.5 views

CVE-2023-24025

CRYSTALS-DILITHIUM in Post-Quantum Cryptography Selected Algorithms 2022 in PQClean d03da30 may allow universal forgeries of digital signatures via a template side-channel attack because of intermediate data leakage of one vector...

7.5CVSS6.9AI score0.00528EPSS
Exploits0References1
OpenVAS
OpenVAS
added 2025/05/05 12:0 a.m.12 views

openSUSE Security Advisory (SUSE-SU-2025:1434-1)

The remote host is missing an update for the SPDX-FileCopyrightText: 2025 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

4.3CVSS4.7AI score0.00097EPSS
Exploits0References4
OpenVAS
OpenVAS
added 2025/05/05 12:0 a.m.14 views

Mageia: Security Advisory (MGASA-2025-0143)

The remote host is missing an update for the SPDX-FileCopyrightText: 2025 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

4.3CVSS4.7AI score0.00097EPSS
Exploits0References4
Tenable Nessus
Tenable Nessus
added 2025/05/03 12:0 a.m.4 views

SUSE SLED15: libpoppler-cpp0 / libpoppler-cpp0-32bit / libpoppler-devel / etc (SUSE-SU-2025:1434-1)

The remote SUSE Linux SLED15 / SLEDSAP15 / SLES15 / SLESSAP15 / openSUSE 15 host has packages installed that are affected by a vulnerability as referenced in the SUSE-SU-2025:1434-1 advisory. - CVE-2025-43903: improper verification of adbe.pkcs7.sha1 signatures allows for signature forgeries...

4.3CVSS6.2AI score0.00097EPSS
Exploits0References4
AlpineLinux
AlpineLinux
added 2025/04/18 12:0 a.m.38 views

CVE-2025-43903

NSSCryptoSignBackend.cc in Poppler before 25.04.0 does not verify the adbe.pkcs7.sha1 signatures on documents, resulting in potential signature forgeries...

4.3CVSS7AI score0.00097EPSS
Exploits0References1
Cvelist
Cvelist
added 2022/06/13 7:35 p.m.54 views

CVE-2022-31053 Signature forgery in Biscuit

Biscuit is an authentication and authorization token for microservices architectures. The Biscuit specification version 1 contains a vulnerable algorithm that allows malicious actors to forge valid Γ-signatures. Such an attack would allow an attacker to create a token with any access level. The...

9.8CVSS9.8AI score0.0096EPSS
Exploits1References2
Rows per page
Query Builder